def test_all_probes(self): probes = list(all_probes.class_filter(OsqueryFIMProbe)) self.assertEqual(len(probes), 3)
def test_all_probes(self): probes = list(all_probes.class_filter(OsqueryComplianceProbe)) self.assertEqual(len(probes), 4)
def test_all_probes(self): probes = list(all_probes.class_filter(OsqueryDistributedQueryProbe)) self.assertEqual(len(probes), 3)
from zentral.core.probes.conf import ProbeList, all_probes from zentral.core.exceptions import ImproperlyConfigured from .probes import OSQueryProbe DEFAULT_ZENTRAL_INVENTORY_QUERY = "__default_zentral_inventory_query__" def item_func(probe): for osquery_query_key, osquery_query in probe.iter_schedule_queries(): yield (osquery_query_key, (probe, osquery_query)) queries_lookup_dict = all_probes.class_filter(OSQueryProbe).dict(item_func) def build_osquery_conf(machine): schedule = { DEFAULT_ZENTRAL_INVENTORY_QUERY: { 'query': "SELECT 'os_version' as table_name, name, major, minor, " "patch, build from os_version;" "SELECT 'system_info' as table_name, " "computer_name, hostname, hardware_model, hardware_serial, " "cpu_type, cpu_subtype, cpu_brand, cpu_physical_cores, " "cpu_logical_cores, physical_memory from system_info", 'snapshot': True, 'interval': 600 } } file_paths = {} osquery_probes = ProbeList().class_filter(OSQueryProbe) # ProbeList to avoid cache inconsistency for probe in osquery_probes.machine_filtered(machine): for osquery_query_key, osquery_query in probe.iter_schedule_queries():
from zentral.core.probes.conf import ProbeList, all_probes from .probes import SantaProbe def iter_santa_policies(probe): for santa_p in probe.policies: yield (santa_p["sha256"], probe) probes_lookup_dict = all_probes.class_filter(SantaProbe).dict(iter_santa_policies, unique_key=False) def build_santa_conf(machine): """ Build the santa conf. The santa conf is the source of the json document that is sent to the santa client when it connects to zentral. It is a list of all the rules found in all the configured probes for that client. """ rules = [] santa_probes = ProbeList().class_filter(SantaProbe) # ProbeList to avoid cache inconsistency for probe in santa_probes.machine_filtered(machine): rules.extend(probe.policies) return {'rules': rules}